Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Why would $env:username and [environment]::username return different users?

Tags:

powershell

What is the difference between PowerShell's $env:username and [environment]::username and why would they potentially return different users? (I understand there are other ways to get the current user as well)

Some background:

I have an Azure Pipeline that runs a PowerShell script on a release target. The pipeline agent is configured to run under a specific service account. Part of that PowerShell script uses $env:username to assign permissions. However, permissions are assigned to the local admin account instead. If I change the script to use [environment]::username the correct service account user is given permissions.

like image 569
nick Avatar asked Jan 25 '23 16:01

nick

1 Answers

$env:USERNAME, while predefined to reflect the current user's username, is a read-write environment variable, just like any other.

Even though it's obviously inadvisable to do so, a statement such as $env:USERNAME = 'foo' changes the value of environment variable USERNAME for the current process as well as its child processes.

This means that if environment variable USERNAME was modified earlier in the same session or in PowerShell's parent process, possibly via an explicitly specified startup environment, it no longer reflects the true username.

While I don't know why the USERNAME environment variable would differ from the real account in the case of Azure Pipelines, an example of - inadvertently - setting the wrong value is PowerShell's Start-Process cmdlet when given the -UseNewEnvironment switch: due to a bug as of PowerShell Core 7.0.0-preview.5 / Windows PowerShell v5.1, $env:USERNAME unexpectedly always reflects SYSTEM, irrespective of the actual user account - see this GitHub issue.

By contrast, [Environment]::UserName uses a different method for obtaining the current user's username, which does not rely on the value of $env:USERNAME and always reflects the true username[1].

In short: Only [Environment]::UserName reliably reflects the current user account's username.

[1] From the linked docs: "On Windows the UserName property wraps a call to the Windows GetUserName function. The domain account credentials for a user are formatted as the user's domain name, the \ character, and user name. Use the UserDomainName property to obtain the user's domain name and the UserName property to obtain the user name.
On Unix platforms the UserName property wraps a call to the getpwuid_r function.

like image 146
mklement0 Avatar answered Feb 24 '23 11:02

mklement0
Sign in to Comment

Related questions

Conquering Active Directory's 1000 record limit
Check powershell version and run a function based on the version
VSTS docker task failed on '&&' token in docker RUN command
(AD) object equality in PowerShell
Trying to add R.exe to the PATH
PowerShell: Sort-Object by Name Ascending
How do I access values in an ordered PowerShell hash table using integer keys?
Split method splitting by a string which includes spaces
Get informations on Windows Scheduled Task duration (execution time)
How can I bypass execution policy when running scripts from Powershell ISE
Can't get access token for custom AD Application
Extract string from text file via Powershell
Change 3rd octet of IP in string format using PowerShell
How to change IPython shell text literal color (Windows Powershell)
How to escape square brackets in file paths with Invoke-WebRequest's -OutFile parameter
Invoke-WebRequest freezes / hangs
Powershell- Convert Complex XML to CSV
Concatenate filename with current directory path
How does PowerShell treat "." in paths?
How to pass parameters to all the pester test scripts

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!